Install · npm

@ledrapay/components from our private registry

The SDK is published to npm.ledrapay.com — a token-required registry for enterprise integrations. Installs authenticate with a per-customer token you can rotate or revoke; the package itself is identical byte-for-byte to the CDN bundle.

Setup

The complete configuration, step by step

Why config is needed at all: npm install @ledrapay/components asks whatever registry npm is configured for. By default that's npmjs.org, where this package deliberately does not exist. The one-time setup below tells npm two things: where the @ledrapay scope lives, and who you are when you ask for it.

1 · Get a token

Tokens are issued per customer/environment — request access. You'll receive a JWT string; treat it like a password.

2 · Configure npm — pick one

Team / CI setup (recommended) — commit the .npmrc to the repo, inject the secret via an environment variable:

# .npmrc — in the project root, safe to commit (contains no secret)
@ledrapay:registry=https://npm.ledrapay.com/
//npm.ledrapay.com/:_authToken=${LEDRAPAY_NPM_TOKEN}
# each developer / CI job sets the secret in the environment:
export LEDRAPAY_NPM_TOKEN="…your token…"

Solo setup — put the token directly in your user-level npmrc instead (never commit this form):

# ~/.npmrc  (chmod 600)
@ledrapay:registry=https://npm.ledrapay.com/
//npm.ledrapay.com/:_authToken=…your token…

Only the @ledrapay scope resolves to our registry — every other package in your tree keeps installing straight from npmjs. Your dependency traffic never touches our infrastructure.

3 · Install — the full package name, not the bare scope

npm install @ledrapay/components

# note: `npm i @ledrapay` alone is NOT a package name — it fails with
# EINVALIDTAGNAME. The scope always needs the package: @ledrapay/components

4 · Verify the wiring before you build

# who does the registry think you are? (should print your username)
npm whoami --registry https://npm.ledrapay.com

# can you resolve the package? (should print the current version)
npm view @ledrapay/components version

5 · Use it

// registers all ledrapay-* custom elements (side-effect import)
import '@ledrapay/components';

// i18n helpers are named exports from the same module
import { setLedraPayStrings, setLedraPayLocale, de, fr } from '@ledrapay/components';

Other package managers

pnpm, Yarn 1, Yarn Berry

ManagerConfig
pnpmReads the same .npmrc — no extra config.
yarn 1.xReads the same .npmrc — no extra config.
yarn 2+ (Berry)Ignores .npmrc — add to .yarnrc.yml:
npmScopes: { ledrapay: { npmRegistryServer: "https://npm.ledrapay.com", npmAuthToken: "${LEDRAPAY_NPM_TOKEN}" } }

CI example (GitHub Actions) — the committed .npmrc does the routing; the secret arrives as an env var:

steps:
  - uses: actions/checkout@v4
  - uses: actions/setup-node@v4
  - run: npm ci
    env:
      LEDRAPAY_NPM_TOKEN: ${{ secrets.LEDRAPAY_NPM_TOKEN }}

Tokens

Getting and keeping access

Tokens are issued per customer (or per environment) by the Ledra Pay team — request access. Treat them like any registry credential:

DoWhy
inject via env var / CI secret storeKeeps tokens out of committed .npmrc files.
one token per environmentRevoking CI doesn't lock out developers.
calendar the expiryTokens expire after 90 days. Re-provisioning is the renewal path; an expired token fails with E401.

Troubleshooting

Every failure mode, with its exact error

ErrorCause & fix
E401 "authentication token seems to be invalid"Most often the env var is simply unset in the shell or CI job npm runs in — npm sends the unexpanded value and the registry rejects it. Check echo $LEDRAPAY_NPM_TOKEN in the same context. Also fires for expired tokens (90-day expiry — re-provisioning is the renewal path).
E404 @ledrapay/components not foundThe scope line is missing from .npmrc, so npm asked npmjs — the package intentionally does not exist there (dependency-confusion protection). Add @ledrapay:registry=https://npm.ledrapay.com/.
EINVALIDTAGNAME "@ledrapay"You ran npm i @ledrapay — the bare scope isn't a package. Install @ledrapay/components.
whoami: ENEEDAUTHYour token isn't reaching the registry — the //npm.ledrapay.com/:_authToken= line is missing, in the wrong file, or the URL doesn't match (host must be exactly npm.ledrapay.com).
Prefer a script tag? The same bundle ships on the CDN with SRI and no credentials for the standard tier — see the CDN install guide.